[PATCH] Bluetooth: hci_bcm: Fix crash on suspend

linux-bluetooth.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] Bluetooth: hci_bcm: Fix crash on suspend
@ 2015-08-28 13:44 Frederic Danis
  2015-08-28 19:09 ` Marcel Holtmann
  0 siblings, 1 reply; 2+ messages in thread
From: Frederic Danis @ 2015-08-28 13:44 UTC (permalink / raw)
  To: linux-bluetooth

If bcm_suspend is called whithout device opened there is a crash as
it tries to use bdev->hu which is NULL.
Rename bcm_device_list_lock to bcm_device_lock as it does not only apply
to bcm_device_list.

Signed-off-by: Frederic Danis <frederic.danis@linux.intel.com>
---
 drivers/bluetooth/hci_bcm.c | 36 ++++++++++++++++++++++++++----------
 1 file changed, 26 insertions(+), 10 deletions(-)

diff --git a/drivers/bluetooth/hci_bcm.c b/drivers/bluetooth/hci_bcm.c
index 33ec097..835bfab 100644
--- a/drivers/bluetooth/hci_bcm.c
+++ b/drivers/bluetooth/hci_bcm.c
@@ -66,7 +66,7 @@ struct bcm_data {
 };
 
 /* List of BCM BT UART devices */
-static DEFINE_SPINLOCK(bcm_device_list_lock);
+static DEFINE_SPINLOCK(bcm_device_lock);
 static LIST_HEAD(bcm_device_list);
 
 static int bcm_set_baudrate(struct hci_uart *hu, unsigned int speed)
@@ -118,7 +118,7 @@ static int bcm_set_baudrate(struct hci_uart *hu, unsigned int speed)
 	return 0;
 }
 
-/* bcm_device_exists should be protected by bcm_device_list_lock */
+/* bcm_device_exists should be protected by bcm_device_lock */
 static bool bcm_device_exists(struct bcm_device *device)
 {
 	struct list_head *p;
@@ -164,7 +164,7 @@ static int bcm_open(struct hci_uart *hu)
 
 	hu->priv = bcm;
 
-	spin_lock(&bcm_device_list_lock);
+	spin_lock(&bcm_device_lock);
 	list_for_each(p, &bcm_device_list) {
 		struct bcm_device *dev = list_entry(p, struct bcm_device, list);
 
@@ -185,7 +185,7 @@ static int bcm_open(struct hci_uart *hu)
 	if (bcm->dev)
 		bcm_gpio_set_power(bcm->dev, true);
 
-	spin_unlock(&bcm_device_list_lock);
+	spin_unlock(&bcm_device_lock);
 
 	return 0;
 }
@@ -197,14 +197,14 @@ static int bcm_close(struct hci_uart *hu)
 	BT_DBG("hu %p", hu);
 
 	/* Protect bcm->dev against removal of the device or driver */
-	spin_lock(&bcm_device_list_lock);
+	spin_lock(&bcm_device_lock);
 	if (bcm_device_exists(bcm->dev)) {
 		bcm_gpio_set_power(bcm->dev, false);
 #ifdef CONFIG_PM_SLEEP
 		bcm->dev->hu = NULL;
 #endif
 	}
-	spin_unlock(&bcm_device_list_lock);
+	spin_unlock(&bcm_device_lock);
 
 	skb_queue_purge(&bcm->txq);
 	kfree_skb(bcm->rx_skb);
@@ -338,6 +338,11 @@ static int bcm_suspend(struct device *dev)
 
 	BT_DBG("suspend (%p): is_suspended %d", bdev, bdev->is_suspended);
 
+	spin_lock(&bcm_device_lock);
+
+	if (!bdev->hu)
+		goto unlock;
+
 	if (!bdev->is_suspended) {
 		hci_uart_set_flow_control(bdev->hu, true);
 
@@ -352,6 +357,9 @@ static int bcm_suspend(struct device *dev)
 		mdelay(15);
 	}
 
+unlock:
+	spin_unlock(&bcm_device_lock);
+
 	return 0;
 }
 
@@ -362,6 +370,11 @@ static int bcm_resume(struct device *dev)
 
 	BT_DBG("resume (%p): is_suspended %d", bdev, bdev->is_suspended);
 
+	spin_lock(&bcm_device_lock);
+
+	if (!bdev->hu)
+		goto unlock;
+
 	if (bdev->device_wakeup) {
 		gpiod_set_value(bdev->device_wakeup, true);
 		BT_DBG("resume, delaying 15 ms");
@@ -375,6 +388,9 @@ static int bcm_resume(struct device *dev)
 		hci_uart_set_flow_control(bdev->hu, false);
 	}
 
+unlock:
+	spin_unlock(&bcm_device_lock);
+
 	return 0;
 }
 #endif
@@ -488,9 +504,9 @@ static int bcm_probe(struct platform_device *pdev)
 	dev_info(&pdev->dev, "%s device registered.\n", dev->name);
 
 	/* Place this instance on the device list */
-	spin_lock(&bcm_device_list_lock);
+	spin_lock(&bcm_device_lock);
 	list_add_tail(&dev->list, &bcm_device_list);
-	spin_unlock(&bcm_device_list_lock);
+	spin_unlock(&bcm_device_lock);
 
 	bcm_gpio_set_power(dev, false);
 
@@ -501,9 +517,9 @@ static int bcm_remove(struct platform_device *pdev)
 {
 	struct bcm_device *dev = platform_get_drvdata(pdev);
 
-	spin_lock(&bcm_device_list_lock);
+	spin_lock(&bcm_device_lock);
 	list_del(&dev->list);
-	spin_unlock(&bcm_device_list_lock);
+	spin_unlock(&bcm_device_lock);
 
 	acpi_dev_remove_driver_gpios(ACPI_COMPANION(&pdev->dev));
 
-- 
1.9.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] Bluetooth: hci_bcm: Fix crash on suspend
  2015-08-28 13:44 [PATCH] Bluetooth: hci_bcm: Fix crash on suspend Frederic Danis
@ 2015-08-28 19:09 ` Marcel Holtmann
  0 siblings, 0 replies; 2+ messages in thread
From: Marcel Holtmann @ 2015-08-28 19:09 UTC (permalink / raw)
  To: Frederic Danis; +Cc: linux-bluetooth

Hi Fred,

> If bcm_suspend is called whithout device opened there is a crash as
> it tries to use bdev->hu which is NULL.
> Rename bcm_device_list_lock to bcm_device_lock as it does not only apply
> to bcm_device_list.
> 
> Signed-off-by: Frederic Danis <frederic.danis@linux.intel.com>
> ---
> drivers/bluetooth/hci_bcm.c | 36 ++++++++++++++++++++++++++----------
> 1 file changed, 26 insertions(+), 10 deletions(-)

patch has been applied to bluetooth-next tree.

Regards

Marcel


^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2015-08-28 19:09 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-08-28 13:44 [PATCH] Bluetooth: hci_bcm: Fix crash on suspend Frederic Danis
2015-08-28 19:09 ` Marcel Holtmann

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).